Vulnerabilities > Canonical > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-29 | CVE-2018-11531 | Out-of-bounds Write vulnerability in multiple products Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. | 7.5 |
| 2018-05-28 | CVE-2018-11506 | Out-of-bounds Write vulnerability in multiple products The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. | 7.8 |
| 2018-05-26 | CVE-2018-11490 | Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. | 8.8 |
| 2018-05-24 | CVE-2018-1000300 | Out-of-bounds Write vulnerability in multiple products curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. | 7.5 |
| 2018-05-24 | CVE-2018-11410 | Use After Free vulnerability in multiple products An issue was discovered in Liblouis 3.5.0. | 7.5 |
| 2018-05-23 | CVE-2018-1123 | Heap-based Buffer Overflow vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. | 7.5 |
| 2018-05-23 | CVE-2018-1126 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. | 7.5 |
| 2018-05-18 | CVE-2017-18273 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | 7.1 |
| 2018-05-18 | CVE-2017-18271 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | 7.1 |
| 2018-05-08 | CVE-2018-8897 | Race Condition vulnerability in multiple products A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. | 7.2 |